
Added Auth Token to Users and API calls

tags/2.0.6
Teknikode 3 år sedan
förälder
incheckning
b3b0277582

+ 34
- 0
Teknik/Areas/API/Controllers/APIv1Controller.cs Visa fil

@@ -15,6 +15,8 @@ using Teknik.Areas.Shortener.Models;
using nClam;
using Teknik.Filters;
using Teknik.Areas.API.Models;
using Teknik.Areas.Users.Models;
using Teknik.Areas.Users.Utility;

namespace Teknik.Areas.API.Controllers
{
@@ -117,6 +119,18 @@ namespace Teknik.Areas.API.Controllers

if (upload != null)
{
// Associate this with the user if they provided an auth key
if (!string.IsNullOrEmpty(model.authToken))
{
User foundUser = UserHelper.GetUserFromToken(db, Config, model.authToken);
if (foundUser != null)
{
upload.UserId = foundUser.UserId;
db.Entry(upload).State = EntityState.Modified;
db.SaveChanges();
}
}

// Generate delete key if asked to
if (model.genDeletionKey)
{
@@ -169,6 +183,16 @@ namespace Teknik.Areas.API.Controllers
{
Paste.Models.Paste paste = PasteHelper.CreatePaste(model.code, model.title, model.syntax, model.expireUnit, model.expireLength, model.password, model.hide);

// Associate this with the user if they provided an auth key
if (!string.IsNullOrEmpty(model.authToken))
{
User foundUser = UserHelper.GetUserFromToken(db, Config, model.authToken);
if (foundUser != null)
{
paste.UserId = foundUser.UserId;
}
}

db.Pastes.Add(paste);
db.SaveChanges();

@@ -204,6 +228,16 @@ namespace Teknik.Areas.API.Controllers
{
ShortenedUrl newUrl = Shortener.Shortener.ShortenUrl(model.url, Config.ShortenerConfig.UrlLength);

// Associate this with the user if they provided an auth key
if (!string.IsNullOrEmpty(model.authToken))
{
User foundUser = UserHelper.GetUserFromToken(db, Config, model.authToken);
if (foundUser != null)
{
newUrl.UserId = foundUser.UserId;
}
}

db.ShortenedUrls.Add(newUrl);
db.SaveChanges();
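Review bot: A non-empty `model.authToken` that matches no user is silently dropped in all three actions touched here (upload, paste and shortened URL): `foundUser` is null, the association is skipped, and the item is still created without an owner. A caller with a mistyped or deleted token therefore gets a success response for content that is not tied to the account, and has no way to notice. Rejecting the request when a token is supplied but `GetUserFromToken` returns null, using the controller's existing error response, would make the failure visible. The three identical lookups could also move into one private helper so that this policy lives in one place. The enclosing action bodies start and end outside these hunks, so any later handling of the token is not visible here.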


+ 6
- 0
Teknik/Areas/API/Models/APIv1BaseModel.cs Visa fil

@@ -9,9 +9,15 @@ namespace Teknik.Areas.API.Models
{
public bool doNotTrack { get; set; }

public string username { get; set; }

public string authToken { get; set; }

public APIv1BaseModel()
{
doNotTrack = false;
username = string.Empty;
authToken = string.Empty;
}
}
}
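Review bot: `username` is added to the request model next to `authToken`, but none of the controller hunks in this commit read it, and a client-supplied username is an unauthenticated identity claim. If the field stays, it should carry a comment such as `// Client-supplied and unverified; ownership is decided only by authToken` so that later code does not attribute content by name alone. Because `authToken` is an ordinary bound property it may also arrive as a query-string value, which typically ends up in access logs; whether that happens depends on how clients call the API and is not visible here.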

+ 25
- 0
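--- a/Teknik/Areas/User/Models/AuthToken.cs
+++ b/Teknik/Areas/User/Models/AuthToken.cs
@@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations.Schema;
+using System.Linq;
+using System.Web;
+using Teknik.Attributes;
+
+namespace Teknik.Areas.Users.Models
+{
+public class AuthToken
+{
+public int AuthTokenId { get; set; }
+
+public int UserId { get; set; }
+
+public virtual User User { get; set; }
+
+public string Name { get; set; }
+
+[CaseSensitive]
+public string HashedToken { get; set; }
+
+public DateTime LastDateUsed { get; set; }
+}
+}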
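Review bot: `HashedToken` has no comment saying which digest it holds, and the two helpers added in UserHelper.cs differ on the surface: GenerateAuthToken returns a SHA384 hex string while GetUserFromToken looks the column up with `SHA256.Hash(token)`. Presumably the SHA384 string is the raw token handed to the user and the column stores its SHA256, but the code that writes the row is not part of this commit, so that contract should be stated on the property, e.g. `// SHA256.Hash(rawToken); the raw token itself is never persisted`. `LastDateUsed` is a non-nullable `DateTime` that nothing in this commit assigns, so a new row would carry the default value unless the writer sets it.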

+ 3
- 0
Teknik/Areas/User/Models/User.cs Visa fil

@@ -35,6 +35,8 @@ namespace Teknik.Areas.Users.Models

public virtual ICollection<TrustedDevice> TrustedDevices { get; set; }

public virtual ICollection<AuthToken> AuthTokens { get; set; }

public virtual ICollection<Upload.Models.Upload> Uploads { get; set; }

public virtual ICollection<Paste.Models.Paste> Pastes { get; set; }
@@ -48,6 +50,7 @@ namespace Teknik.Areas.Users.Models
LastSeen = DateTime.Now;
Groups = new List<Group>();
TrustedDevices = new List<TrustedDevice>();
AuthTokens = new List<AuthToken>();
}
}
}

+ 23
- 0
Teknik/Areas/User/Utility/UserHelper.cs Visa fil

@@ -134,6 +134,22 @@ namespace Teknik.Areas.Users.Utility
}
}

public static string GenerateAuthToken(Config config, User user)
{
try
{
string username = user.Username.ToLower();
byte[] hashBytes = SHA384.Hash(username, StringHelper.RandomString(24));
string hash = hashBytes.ToHex();

return hash;
}
catch (Exception ex)
{
throw new Exception("Unable to generate user auth token.", ex);
}
}

public static void AddAccount(TeknikEntities db, Config config, User user, string password)
{
try
@@ -212,6 +228,13 @@ namespace Teknik.Areas.Users.Utility
return user;
}

public static User GetUserFromToken(TeknikEntities db, Config config, string token)
{
string hashedToken = SHA256.Hash(token);
User foundUser = db.Users.FirstOrDefault(u => u.AuthTokens.Select(a => a.HashedToken).Contains(hashedToken));
return foundUser;
}

public static bool UserExists(TeknikEntities db, string username)
{
User user = GetUser(db, username);
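Review bot: GenerateAuthToken's unpredictability rests entirely on `StringHelper.RandomString(24)`, whose implementation is not shown here; hashing it together with the lowercased username through SHA384 adds no entropy, so if RandomString draws from `System.Random` the resulting bearer token is guessable. The token should come straight from a cryptographic generator, for example by filling a 32-byte array with `RandomNumberGenerator.Create().GetBytes(tokenBytes)` and returning `tokenBytes.ToHex()`. In the second hunk, GetUserFromToken never touches `AuthToken.LastDateUsed` and ignores its `config` argument, so the usage timestamp the model carries stays unset on this path. Wrapping failures in a bare `Exception` also hides the original type from callers; `InvalidOperationException` would be the narrower choice.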

+ 2
- 0
Teknik/Models/TeknikEntities.cs Visa fil

@@ -23,6 +23,7 @@ namespace Teknik.Models
public DbSet<Group> Groups { get; set; }
public DbSet<Role> Roles { get; set; }
public DbSet<TrustedDevice> TrustedDevices { get; set; }
public DbSet<AuthToken> AuthTokens { get; set; }
public DbSet<TransferType> TransferTypes { get; set; }
// User Settings
public DbSet<UserSettings> UserSettings { get; set; }
@@ -113,6 +114,7 @@ namespace Teknik.Models
modelBuilder.Entity<Group>().ToTable("Groups");
modelBuilder.Entity<Role>().ToTable("Roles");
modelBuilder.Entity<TrustedDevice>().ToTable("TrustedDevices");
modelBuilder.Entity<AuthToken>().ToTable("AuthTokens");
modelBuilder.Entity<TransferType>().ToTable("TransferTypes");
modelBuilder.Entity<RecoveryEmailVerification>().ToTable("RecoveryEmailVerifications");
modelBuilder.Entity<ResetPasswordVerification>().ToTable("ResetPasswordVerifications");

+ 1
- 0
Teknik/Teknik.csproj Visa fil

@@ -238,6 +238,7 @@
<Compile Include="Areas\User\Models\ResetPasswordVerification.cs" />
<Compile Include="Areas\User\Models\RecoveryEmailVerification.cs" />
<Compile Include="Areas\User\Models\SecuritySettings.cs" />
<Compile Include="Areas\User\Models\AuthToken.cs" />
<Compile Include="Areas\User\Models\TrustedDevice.cs" />
<Compile Include="Areas\User\ViewModels\TwoFactorViewModel.cs" />
<Compile Include="Attributes\TeknikAuthorizeAttribute.cs" />
